As you probably already know, it is always necessary to have valid legal reasons to process your users' data in a GDPR compliant way. This may be accomplished by retrieving your users’ consent, or might also be a part of your contractual agreements - if it is, for example, part of your offer to provide continuous customer services.
In any case, we recommend adding a publicly accessible explanation (e.g. online in your privacy policy) how you collect data, which data is collected, for which purposes it is processed and how a person can make use of their subject rights (e.g. inform which data is stored, alter or delete data). Additionally, you may add how long the data is kept, what the legal basis is for retrieving information (e.g. we are not collecting personal data without your explicit consent), where the information is sent to and which TOMs you have in place.
The next paragraphs will provide more details about different usage models of GetFeedback Digital 4 Email and applicable GDPR requirements.
GetFeedback Digital in Newsletters
For sending out Newsletters, it is a GDPR requirement to retrieve your users' explicit consent (also without using our solution). It is perfectly legitimate to make use of GetFeedback Digital in your Newsletters, since this directly contributes to improving User Experience and future content of Newsletters. However, it is also important to communicate this purpose transparently.
As an additional safeguard, you may optionally include a phrase to your declaration of consent, which states that feedback processing is part of your newsletter service to improve future content.
GetFeedback Digital for Reviewing Customer Services
For providing customer services, it is also important to have a valid reason why you reach out to your customers (e.g. this may be based on the consent of your users or contractual definitions between you and your customers). Again, it is perfectly legitimate to make use of GetFeedback Digital for reviewing customer services, since this directly contributes to improving User Experience and future customer service.
Depending on the legal foundation of your processing activities, it is, for example, possible to include a phrase to your declaration of consent or to applicable agreements with your customers to inform them for which purposes you process feedback and that it is part of the service (as an additional safeguard).
GetFeedback Digital Full Screen Surveys in Emails
The same principles as described above apply when it comes to using hyperlinks to full-screen surveys in your emails: it is a requirement to have a legal base for processing your users' data. Whatever this legal base may be, you can always communicate transparently how and for which purposes you make use of our solution and, more importantly, explain why it is also part of the specific service you provide.
To summarise the key points, you can use GetFeedback Digital in a GDPR compliant way if you:
• are transparent in which way you process data,
• have valid reasons, which allow you to process your users' data (e.g. consent of your users, contractual requirements) and
• follow subject requests by your users (e.g. information about and rectification or deletion of their data).
We support you to handle subject requests! The extraction, rectification or deletion of individual feedback items upon request of a data subject can be easily fulfilled within the legally defined period. If you have any questions feel free to contact us at any time.